Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 1573 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Limit Web Application Security to a group of IP

onitram
Hi,

I use Web Application Security as a Reverse Proxy. I need to limit only one external IP or a group of IPs to use this feature. I don't wont any other IPs can reach the destnation Server.

Is there a solution?

Thanks in advance


This thread was automatically locked due to age.
Parents
  • 0
    I've gone ahead with the suggested clumsy work-around and its working. For clarification, is this work-around successful due to the ASG order of operations (nat > proxy > firewall > routing) ?

    In essence rule 1 passes allowed IPs through to the proxy? while rule 2 blackholes all additional requests?

    Does anyone have implementation guideline do's or don'ts on this that they'd be willing to share?
  • 0 in reply to darcym
    Darcym, don't forget to go vote for the feature request mentioned above at feature.astaro.com... My understanding is that Sophos/Astaro will be doing some work on the WAF feature in Version 9... Maybe if we get some votes down on that feature it'll happen sooner or later... I'll be tossing a few votes on it myself shortly.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    Darcym, don't forget to go vote for the feature request mentioned above at feature.astaro.com... My understanding is that Sophos/Astaro will be doing some work on the WAF feature in Version 9... Maybe if we get some votes down on that feature it'll happen sooner or later... I'll be tossing a few votes on it myself shortly.


    Already done under:
    Web Application Security: White / Blacklist Support for Visitor IP's
Reply Children
  • 0 in reply to darcym
    Good deal!  One of the best things Astaro has done is create that feature request site... And they definitely pay attention to it!

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Unfiltered HTML